Avatar of garyLittle
garyLittle
 asked on

Followup question about VB.NETs weakness when it somes to protecting the algorithms of the primary code structure

This is a followup question concerning need for "obfuscation" of the code because someone can 'easily' get into and look at the primary code algorithms.
My application deals with highly classified encryption of data and if VB.NET opens up to the whole world what the algorithm is then there is a great problem.
This seems like a VERY GREAT WEAKNESS. I remember now that a few years ago I had decided that this problem was so serious that it kept me from converting to VB.NET. I thought by now that MS would have done something to fix it. Apprently not.
Has anyone run into this problem and does anyone have some sort of solution.
Gary
Visual Basic.NET

Avatar of undefined
Last Comment
KelvinY

8/22/2022 - Mon
KelvinY

Hi garyLittle,

I'm not sure where you get the idea that exposing an encryption algorithm is a weakness. The best encryption algortihms are the one's that have been extensively studdied and proven to have no obvious weaknesses. The only thing that needs to be secure is the encryption key. This a well-known principle - http://en.wikipedia.org/wiki/Kerckhoffs'_principle. Trying to keep you encryption algorithm secret is what Bruce Schneier calls Security Through Obscurity - http://www.schneier.com/crypto-gram-0205.html#1. The principle is that the fewer secrets you have the better your security.

If you are using .NET then you have access to some very secure algorithms in the System.Security.Cryptography namespace. These include the Rijndael and TripleDES algorithms. You would be well advised to use one of these rather than trying to roll your own algorithm.


Regards
  Kelvin
garyLittle

ASKER
Thank you for your information. I have looked at the references and learned from them.
HOWEVER, the question was not about encryption algorithms, I have already done that.

The purpose of my request for information is how do I get around the apparent weakness of
VB.NET with respect to it providing an easy way for others to view the internal methods and
procedures. Is there a way to "obfuscate"? Are there products to do that?
Thanks
ASKER CERTIFIED SOLUTION
KelvinY

Log in or sign up to see answer
Become an EE member today7-DAY FREE TRIAL
Members can start a 7-Day Free trial then enjoy unlimited access to the platform
Sign up - Free for 7 days
or
Learn why we charge membership fees
We get it - no one likes a content blocker. Take one extra minute and find out why we block content.
Not exactly the question you had in mind?
Sign up for an EE membership and get your own personalized solution. With an EE membership, you can ask unlimited troubleshooting, research, or opinion questions.
ask a question
Your help has saved me hundreds of hours of internet surfing.
fblack61